CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [144]
In the physical environment, perimeter security is accomplished using locks, doors, surveillance systems, and alarm systems. This isn’t functionally any different from a network, which uses border routers, intrusion detection systems, and firewalls to prevent unauthorized access. Figure 6.3 illustrates the systems used to prevent network intrusion.
Few security systems can be implemented that don’t have weaknesses or vulnerabilities. A determined intruder can, with patience, overcome most security systems. The task may not be easy, and it may require careful planning and study; however, a determined adversary can usually figure out a way.
FIGURE 6.3 Network perimeter defense
If you want to deter intruders from breaking into your building, you can install improved door locks, coded alarm systems, and magnetic contacts on doors and windows. Remember that you can’t always keep an intruder out of your building; however, you can make an intrusion riskier and more likely to be discovered if it happens.
Don’t overlook the obvious. Adding a security guard to the front door will go a long way toward keeping an intruder out.
Real World Scenario
Circumventing Security
Recently, a small business noticed that the level of network traffic seemed to be very high in the late evening and early morning. The business couldn’t find a network-related reason why this was happening. Upon investigation, the security consultant found that a part-time employee had established a multiuser game server in his office. The game server was set to turn on after 10:00 p.m. and turn off at 5:30 a.m. This server was hidden under a desk, and it supported around 30 local game players. The part-time employee didn’t have a key to the building, so an investigation was conducted to determine how he gained access to the building after hours. The building had electronic locks on its outside entrances, and a pass card was needed to open the doors. However, the door locks were designed to automatically unlock when someone was leaving the building.
The investigation discovered that the employee and a friend had figured out a way to slide a piece of cardboard under one of the external doors, which activated the door mechanisms and unlocked the doors. The intruders took advantage of this weakness in the doors to gain access after hours without using a passcard and then used the server to play games in his office.
Security Zones
A security zone is an area in a building where access is individually monitored and controlled. A large network, such as a large physical plant, can have many areas that require restricted access. In a building, floors, sections of floors, and even offices can be broken down into smaller areas. These smaller zones are referred to as security zones. In the physical environment, each floor is broken into separate zones. An alarm system that identifies a zone of intrusion can inform security personnel about an intruder’s location in the building; zone notification tells them where to begin looking when they enter the premises.
The concept of security zones is as old as security itself. Most burglar alarms allow the creation of individual zones within a building or residence; these zones are treated separately. When you go to bed, for example, the alarm shouldn’t monitor the bedroom for movement because it’s perfectly acceptable there.
Real World Scenario
Security Zones in the Physical Environment
As a security administrator, you’ll need to evaluate your workplace and think of physical zones that should exist in terms of different types of individuals who might be present. If your workplace is already divided into zones, forget that this has been done and start from scratch. Answer the following questions:
1. What areas represent the physical dimension of your workplace (buildings,